Many large, global companies are scrambling to find ways to manage rapidly increasing data volumes while trying to retain critical business functions, increase services and quality and get a grip on spiraling operations costs. Through it all, security remains a fundamental concern. It’s not lost on IT managers or top corporate executives that IBM mainframe applications have to function every day, round the clock. Or that the data your mainframe applications store and transmit is nothing short of mission-critical.
If you’re considering outsourcing, you need to know whether transitioning to the cloud might compromise security anywhere within your organization. But look at it this way: security provided by prospective outsourcing partners has to meet the highest industry standards, or those providers wouldn’t remain in business.
Security is defined by good habits.
That’s true whether you move functions into the cloud or continue to rely on in-house IBM mainframe applications. To assure you’re doing everything you can, you need to:
- Control every access point, to protect data, guard against ID theft or unauthorized access to private information and ensure you’re complying with internal policies and external regulatory requirements.
- Back up data frequently – or make sure continuous virtual processes are redundant.
- Regularly test your recovery processes, so you know your disaster response plan will actually work as expected.
- Tighten security guidelines – details such as locking down all mainframe resources.
- Periodically audit your security systems, regardless of who’s responsible for administering them day to day.
And you should periodically assess your security arrangements, to identify and plug gaps. That’s especially important. Your business isn’t a static entity, so naturally your security needs and procedures have to keep up.
Cloud-based choices often provide inherently better solutions, especially when it comes to disaster recovery and redundancy, protecting hardware, software and data from physical damage as well as technological threats. Outsourcing can include ongoing maintenance and management of enterprise and also off-the-shelf applications running on mainframes. Including both applications and infrastructure maximizes control, reduces opportunities for potential problems and, therefore, reduces operational risk.
Even if you choose broad-scale migration to the cloud, you can still retain proprietary or especially sensitive applications. You never relinquish ultimate control, because final decision-making authority always lies with you.
However you choose to manage your IBM mainframe applications, high-performance encryption is readily available. Coupled with access authorization policies and procedures tailored to your enterprise, you can be as well-protected as the latest technology allows. And whatever you choose, a properly managed transition that minimizes disruption will also be least likely to compromise security during the migration process.
The bottom line.
Your security is only as good as the policies and procedures you put in place. For IT operations that are entirely in-house, or if you choose to outsource or virtualize some aspects such as IBM mainframe applications, you should insist on state-of-the-art security systems and stringent procedures that meet SAS 70 standards.
Your security plan should address overall system protections, data sets and related resources, networks and operating systems as well as who is ultimately responsible for monitoring compliance of each category. That way you’ll know you’re doing everything possible to reach the ultimate goal: end-to-end authentication and accountability.
Maintaining security of your IBM mainframe applications is an ongoing process, with success based on strict guidelines, total compliance and vigilant oversight. Outsourcing can assure as good or better security than you can provide yourself. It can increase efficiencies and quality, and introduce scalability and future-proofing that optimize ongoing costs as well as total cost of ownership.
Photo via JermJus on Flickr